Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.

Tenable Network Security discovered a stack buffer overflow flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-3999)